Configure a column once. DeltaForge transforms it in memory during the read path, so the value written to the Delta table is already protected. No separate masking pipeline. No exposure window.
Choose by what the column means and who needs to see it
For identifiers that must never be recovered. Same input always lands on the same hash, so joins still work.
For values you may need to recover under a key custody process. Deterministic, so encrypted columns remain joinable.
Display-style masking for emails, phones, cards, and other structured fields. Keeps the shape, hides the value.
Reduces precision for k-anonymity: dates to coarser buckets, ages to ranges, postal codes to prefixes.
Replaces values with stable tokens within a configurable scope. Linkability is a knob, not a default.
A single command attaches a transform to a column
Rules are SQL DDL, stored in the catalog, versioned with the rest of your schema. No external config file to drift.
The raw value never reaches the Delta table. The transform runs in memory before the write commits.
Enable, disable, and inspect rules at any time. Every change is captured in the audit log.
Battle-tested primitives, no bespoke schemes
Industry-standard hashing, authenticated encryption, and key derivation. No custom or proprietary cryptography.
Bring your own key store. Cloud secret managers and on-prem vaults are supported. Keys never have to leave them.
Configure a column, choose a transform, and DeltaForge handles the rest in-memory on every write.